mnt-nfy
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Janos Zsako
zsako at banknet.net
Fri Oct 18 12:25:02 CEST 1996
> From owner-db-wg at ripe.net Fri Oct 18 08:19:02 1996 > In my opinion notifications should *not* be sent to the originator of > the change request. We had too many complaints about too many > notifications. Those wishing to receive notifications of their own > changes can easily achieve that by putting an alias mailbox into their > notification attributes. I think I have no problem with the above (I mean I will not argue in favour of changing this). > Note also that this smartness quite consciously introduces less > 'security' because it allows someone to make clandestine changes by > forging his From:-address to avoid notification. We did this because > those with really high security requirements shoud use maintainers with > a stronger authentication menthod. Correct. However I originally noticed that this "feature" also works by adding a Reply-to: in the header... My point at the RIPE meeting was that when sending an update with a Reply-to, the mnt-nfy DOES get a "warning" message, that somebody made SOME updates, (since the "Congratulations" are sent to her), but has no clue wrt. WHAT exactly has been modified (usually the Subject: line does not provide accurate information - if at all)... (Of course, the situation can be even worse if the From: line is forged...) If I remember correctly, at the DB-WG session the absence of the notification (in the Reply-to case at least) was considered a *bug*. I still incline to consider the "Reply-to case" a bug (or *unwanted* feature). Forging the mail header is usually less trivial than adding a Reply-to. The latter can even occur inadvertently (this is how I discovered all the above). Janos PS. I suppose (and strongly hope :)) the authentication is based on the From: and not the Reply-to:.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]